| Titel | GitHub hfly 1.0 Arbitrary file reading |
|---|
| Beschreibung | Arbitrary file read vulnerability refers to the ability of an attacker to bypass application restrictions and read arbitrary file contents on the server, including sensitive configurations, account passwords, keys, etc. Such vulnerabilities usually stem from the lack of strict verification of user input.The filename parameter of the download interface on the vulnerable site can be used to download any file. |
|---|
| Quelle | ⚠️ https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/PHP-based%20travel%20website-CMS/PHP-based%20travel%20website-CMS%20download%20filename%20Arbitrary%20file%20reading.md |
|---|
| Benutzer | webray.com.cn (UID 24778) |
|---|
| Einreichung | 28.11.2025 04:14 (vor 7 Monaten) |
|---|
| Moderieren | 11.12.2025 08:00 (13 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 335859 [baowzh hfly bis 638ff9abe9078bc977c132b37acbe1900b63491c download filename Directory Traversal] |
|---|
| Punkte | 20 |
|---|